How to inventory threats to build critical IT defenses

From time to time, it’s healthy for companies to identify threats that are unique to their business and what might happen if one of those threats — a cyberattack that compromises customer payment information — manifested.

It’s also prudent for companies to understand what frontline defenses they have (or don’t have) to prevent such threats from impacting their business. Often these are IT systems housing critical data or supporting vital networks.

The recent increase of remote employees has added a layer of risk. Now is a good time to perform a risk assessment to ensure critical data and networks are secure.

Smart Business spoke with Brian Garland, a manager at Rea & Associates, about risk assessments and IT audits, and how the two work together to mitigate threats and their impact.

How do risk assessments and IT audits work together?
Risk assessments should be viewed as a strategic initiative, one that helps define the risk appetite clearly for the company in relation to the key information systems it needs to protect. They help companies understand what’s important to protect and why on a proactive basis, and what the fallout would be if they fail.

In a mature security environment, they’re followed up by IT audits, which determine if the systems and controls that are in place are functioning appropriately to stay within a company’s defined risk tolerances and meet whatever regulatory requirements they might have.

Typically, risk assessments are done annually, especially in environments that contain regulated data. However, any time a company has significant system changes or changes in its environment — the abrupt shift to a remote work environment, for example — it’s a good idea to run an assessment so companies can safeguard their assets appropriately.

How do IT audits map to regulatory compliance?
In regulated industries — banking and health care, for instance — or for companies that accept credit card data, IT audits provide evidence of the company’s compliance with the control requirements in place and establish that there’s an ongoing compliance environment. Companies that face something like a cyberbreach but have documentation of an annual IT audit have, at the very least, proof of an effort to demonstrate and maintain compliance.

With employees now largely working from home, companies need to be cognizant of the security impacts of the technology solution that they choose to make available to their employees. For instance, the decision to allow employees to utilize either an RDP or VPN solution for access to company resources should be weighed specifically by the technology’s potential impact on data confidentiality, integrity and availability. Whatever the situation and the tech used, it’s really about being aware of the potential threats, vulnerabilities and resulting risks, and ensuring that the right software tools, policies and procedures are in place to work securely.

How should companies apply what they’ve learned from an IT risk assessment?
The risk assessment process should give a clear sense of the current IT environment and controls in place, the estimated likelihood and impact of contemporary threats, and where gaps in controls exist that present significant risk. For companies without a security framework already in place, a risk assessment should lead to a list of the controls to be implemented to protect the network and data.

It should also give a sense of how a company is prepared to respond to an event that could shut it down for days or weeks at a time and what that impact might look like.

There should be documented policies and procedures in place to govern IT systems and the underlying data, outlining which activities are permitted by the company. These policies form the basis for the company’s data security program and help demonstrate the control environment in place and its alignment with any regulatory compliance requirements for data security impacting the company. Those policies and procedures should be reviewed and tested annually to make sure they cover all systems, processes and data elements considered critical to the business.

By having a clear understanding of the current risk environment, companies can spend their security resources intelligently.

Insights Accounting is brought to you by Rea & Associates

 

 

Why tested business continuity plans are important in a crisis

A business continuity plan is a set of procedures for maintaining business functions or quickly getting them back up and running in the event of some sort of major disruption — a natural disaster, loss of power, cyberattack or a pandemic.

“All businesses should have a business continuity plan because every one of them could be affected by disruptions,” says Carly Devlin, managing director, Clark Schaefer Consulting. “Without a business continuity plan, it could take longer than necessary to recover or the business might not recover at all. The pandemic has been a test for all businesses, and already there are organizations that are likely not able to come back when this ends.”

Smart Business spoke with Devlin about business continuity plans, what they should include and how to ensure they’re helpful when a disaster strikes.

What are the core components of an effective business continuity plan?

For a business continuity plan to be effective, a business impact analysis is required. That’s a process for identifying key business areas within an organization and their critical functions to devise a plan that outlines how each will operate in the event of a major disruption.

The next aspect of a business impact analysis is identifying potential losses — usually categorized into financial, legal, reputational and regulatory losses — and trying to understand what impact those losses would have on the organization over different lengths of time. At the same time, interdependencies between IT systems and those critical business functions should be identified. A recovery time objective tests how quickly each business function and IT system needs to be back up and running before unacceptable losses occur. At the end of the process, companies will better understand how to prioritize recovery efforts.

The third component is continuity procedures, which focus on contingency plans for people and processes in the event of various interruptions. That amounts to a lot of ‘what if’ scenarios and making sure that, for each of those, the business could continue operating while minimizing unacceptable losses.

How have business continuity plans performed so far during the pandemic?

There have been mixed results. Organizations that have more mature business continuity plans were better able to utilize their plans to transition their employees to work remotely. Organizations that didn’t have a mature business continuity plan have tended to struggle through the transition.

We’ve also seen a lot of organizations have a very general or high-level business continuity plan that doesn’t offer specific steps to take in the event of a disaster. That’s because many organizations have never tested their business continuity plan, which is the only way to measure the effectiveness of the plan. Organizations are now learning in hindsight from the shortcomings of their plans and are hopefully updating their plans so that they’re better prepared in the future.

What tools should businesses use to develop better business continuity plans?

There are various tools to help with business continuity planning. Some are free, such as online checklists and templates, and others have a cost associated with them. Some CPA and business advisory firms can help organizations with business continuity planning. They can help build a plan from scratch, update an existing plan or help with implementing and socializing the plan so that all the stakeholders involved clearly understand their role in its execution. Firms can also help test the plan using, for example, tabletop exercises that run through and poke holes in it to find the flaws.

A business impact analysis is a critical first step in developing a business continuity plan. You can’t effectively recover processes and systems without understanding which of them are critical, so the response can be prioritized and recovery can begin. Don’t forget to test, because too often, organizations discover at the worst possible time that their plans are ineffective or unrealistic.

Insights Accounting is brought to you by Clark Schaefer Hackett

Common issues new business owners face and how to avoid them

Entrepreneurship is not for the weak or weary. It’s rewarding but it’s tough. It offers business owners the potential to be the highest paid person, but only if they can run a business successfully. And that typically means getting outside their comfort zone.

“Where entrepreneurs often get tripped up is when they fail to realize they are not a hair stylist but an owner of the salon,” says Betty L Collins, CPA, a director at Brady Ware & Company. “Entrepreneurs get so wrapped up in working in the business that working on the business is sometimes an afterthought.”

Smart Business spoke with Collins about the obstacles to success small business owners face and how they can learn to overcome them.

What are the issues small business owners have the most difficulty moving their business beyond?

There are several issues small businesses encounter that make it difficult to take it to the next level. For example, entrepreneurs often make mistakes when it comes to capital. They might leverage the wrong debt or have trouble securing a loan. Jumping in despite a specious funding situation can be dangerous and will make the first three to five years harder than they will already be.

Profits need to be used to pay down debt, reinvest in the business and pay the owner a salary, so entrepreneurs need to know if their product or service is profitable. That means having a deep understanding the company’s financials, something that could require a greater understanding of finances than they currently have.

Small business owners tend to make the mistake of waiting for a crisis to happen before they involve the help of outside experts, or hire family and friends to do the work that would be better suited to experienced professionals. This can spring from a general lack of trust or trusting too much the advice of family or professionals. It can also lead to unrecoverable mistakes.

How good are small businesses at self-diagnosis?

For owners, stepping back and assessing the company’s market position can be difficult when most of their time is wrapped up in the day-to-day business. Some owners have trouble facing their reality. They either fail to recognize or downplay the obstacles that are affecting their business, and that can have negative consequences.

It often takes input from others — outside professionals — to identify those obstacles. However, that comes with its own issues. For example, the owner might not have the money to pay someone for an assessment, they don’t know who to ask for help or they’re too proud to ask for help.

Just because the business owner is passionate about and capable of executing on their entrepreneurial idea doesn’t mean they’re capable of managing the bigger picture. Organizational execution means delegating and deferring, and that’s very scary for some. The bigger picture- approach takes discipline and focus. It also means setting aside time, which means reorganizing priorities.

What services should small business owners look for that would help them better identify and remove obstacles?

Small business owners would benefit from understanding that they need a banker, not just a bank. A banker can help a small business owner understand capital and how to be ‘lendable’ in all phases of the business.

Additionally, not only do business owners need an attorney and an accountant, but those professionals need to know each other. Through setup, strategy, transition and selling, those professional need to work as a team on behalf of the owner.

Unfortunately, many owners don’t know how to choose an adviser, so they may instead rely on family or friends. Or, when reaching out for professional help, they often first ask, ‘How much?’ rather than interviewing to determine the professional’s level of expertise. It takes a pursuit with an open mind to find professionals who have the right outside perspective. But doing so could save owners a lot of hassle, or save their business altogether.

Insights Accounting is brought to you by Brady Ware & Co.

How business owners can maximize value when selling their company

Business owners build and nurture their business for years. And when the time comes for them to walk away, owners often overlook the importance of due diligence work and preparation. Sellers, however, often aren’t sure what buyers are actually looking for, and that can affect outcomes. Ignoring or de-emphasizing tax due diligence can result in significant transaction erosion, or worse: failed transactions, lost time and distraction from normal business operations.

“By understanding what buyers are looking for and how transactions might be structured, sellers can put themselves in a position to court buyers who will provide the value the seller wants in the end,” says Keri Boergert, a principal with Clark Schaefer Hackett CPAs & Advisors.

Smart Business spoke with Boergert about sale types, due diligence and what buyers are looking for in an acquisition.

What is the difference between an asset deal and a stock deal when selling a company?

In a stock deal, the entire company is sold. That means everything transfers to the buyer, including all the existing tax liability risk. Stock deals are used when a seller wants to get rid of the entire business. Sellers would prefer a stock deal.

Companies that have significant liabilities, however, may not be able to find a buyer for a stock sale. That’s because, from a buyer’s perspective, the tax liability is often a significant factor in their decision. In an asset deal, typically only certain tax liabilities transfer to a buyer. 

Sellers might use an asset sale if they’re unable to get the value they want from the sale of the company through a stock sale. 

How do buyers and sellers prepare for a deal, whether stock or asset?

All deals involve financial due diligence and an exploration of the tax situation to determine the company’s fair value and the risk to the buyer. The process is also a factor in determining whether the best approach is a stock or asset sale.

What are the benefits of due diligence for sellers?

The benefits of tax due diligence for sellers are myriad. The seller can optimize the value of the transaction, minimize exposure to risks and liabilities, assess oversights before entertaining buyers, gain increased negotiation power, retain better control and credibility throughout the transaction cycle and have a higher probability of closing the transaction. 

What might sellers uncover in a due diligence process?

Tax attributes, for one. This analysis can be valuable to a seller. Attributes such as net operating loss carryovers, business credit carryovers, minimum tax credits and capital losses should be considered.

There are other tax considerations, as well. Employment tax can be a risk — sellers should know the particulars of how their employees are classified. Sales and use tax is an area to watch — sellers need to understand the post-Wayfair particulars of their state’s online sales tax and economic nexus laws. Lastly, Wayfair has also had implications on income tax. Both sellers and buyers should be aware of relevant economic nexus standards for income, franchise and gross receipts tax in their state(s).

How can sellers get the most value in a transaction?

For sellers concerned about moving on from their business, due diligence can seem unnecessary. But by identifying and understanding their risks, the seller has a chance to clean them up. That gives sellers the best chance to get the highest value for their company.

Sellers should work with an accounting firm that has a transaction advisory services team with a history of M&A transaction experience before going to market. They can put the company through tax and financial diligence to show the seller what buyers will see and deal with any issues well before a sale process.

Insights Accounting is brought to you by Clark Schaefer Hackett

Are you ready to answer questions about your triple bottom line?

Triple bottom line, which measures the social, environmental and financial impact of business, may have seemed like a fad a decade ago, but the growing number of sustainability reports issued by large corporations show that this fad is here to stay.

Michael Borowitz, CPA, Columbus shareholder at Clark Schaefer Hackett, says companies still spend more time and effort worrying about the financial bottom line because being able to pay employees and make shareholders happy is a constant pressure. But that’s not the only factor.

“A company’s ability to articulate its social and environmental bottom lines can be a differentiator in the marketplace,” he says.

Smart Business spoke with Borowitz about triple bottom line and what it may mean for your business.

Why do organizations look to measure and improve social and/or environmental impacts, in addition to the financial bottom line?

Some companies will invest in the social and environmental bottom lines because they see a strong correlation with the financial bottom line. Often, this is because they see their customers making purchasing decisions in part based on social and environmental issues. Companies have also experienced the negative financial impact of associating with businesses that negatively impact society or the environment.

Another reason is the knowledge gain. As organizations start to think about their social and environmental connections differently, it can spark innovation. If, for example, one initiative is to reduce waste, a business may find software or a process that eliminates a significant amount of paper. This may have the added effect of making them more efficient, which adds to their profitability, in addition to lessening their negative impact on the environment.

Very few large corporations haven’t at least had an internal conversation to determine where they stand on these topics. Whether they’ve got a plan in place will depend on the organization. Those wanting to work with the largest companies will need to be able to answer the question, “What are you doing about your environmental and social impact?”

What do you see the most successful companies do when utilizing sustainability standards or triple bottom line?

There’s a huge variance in terms of how much time, materials and money go toward making changes in social and environmental impacts. The goal isn’t universally specific; it’s about constant measurement and constant improvement.

Organizations need to always be looking out to the future, finding the next strategy for increasing their economic, environmental or social bottom line. They must have a process that continuously evaluates and refines what they’re doing.

Is it hard to measure this?

Measurement is the often the most difficult piece, even though technology is increasing our ability to detect and measure different variables. Today, however, there are a lot of factors that aren’t easily measured, which leads to a significant element of estimation.

How can businesses get started?

Start small, so you can get your mind around it. Don’t pull a sustainability report from a large publicly traded company and expect to duplicate it as a first step.

Pick a small boundary, possibly a segment of your business, to start with. You will likely find that you already perform some sustainability activities, e.g., a recycling program.

Triple bottom line is very scalable. Beyond the initial brainstorming, you’ll need to create a baseline by measuring your current status. Then, develop an improvement plan.

Tackling the low-hanging fruit gets your people aligned and thinking methodically about it. Once you get your feet wet and learn how to make a plan, execute the plan and revise the plan, then you can more easily expand the boundaries of your plan into different areas.

Insights Accounting is brought to you by Clark Schaefer Hackett

How to prepare for an audit of your financial statements

When it is time to bring in an external audit firm — perhaps because lenders, investors or a regulatory body triggered the need to audit your financial statements — preparation and responsiveness are crucial to ensure the process is as smooth and painless as possible.

“There’s nothing worse than calling the client the Wednesday before you’re supposed to begin the audit and say, ‘We’re scheduled to be there on Monday. Is everything ready?’ And the business owner replies with, ‘I’m not ready. Can we push it back a week?’” says Deborah A. Sabo, CPA, principal at Ciuni & Panichi.

Auditors’ schedules are packed, especially during the busy season, and pushing it off causes chaos, she says.

Smart Business spoke with Sabo about how to get ready for an audit.

How should companies choose an auditor?

Look for an auditor with experience in your industry. If, for example, it’s an employee benefit plan audit, you don’t want to hire a firm that only does three plan audits.

Also, check that the auditor has a clean peer review opinion. Every three years, the American Institute of Public Accountants requires its member firms to undergo a peer review. A peer review is a periodic external review of a firm’s quality control system on accounting and auditing.

Do not select a firm on price alone. Because, like everything else, sometimes you get what you pay for. You need to ask, does the firm do many audits? Smaller firms may do many reviews and compilations, but only perform a couple audits a year.

How should the business prepare for the audit beforehand?

First, confirm the dates that the auditors will be at your location. You will want to ensure that your books and records are complete for the time period the accounting firm is scheduled to audit, such as for the year that ended Dec. 31, 2019. This includes preparing reconciliations for all balance sheet accounts to your general ledger. It is critical to do this because you want to make sure your account balances are correct. If your company goes through this analysis and ensures that its books and records are accurate before the auditors come, it reduces the number of potential audit adjustments.

The accounting firm will send you a prepared by client (PBC) list. This list will include most of the items the auditors will need for the audit. Ideally, you want everything on the list completed a week prior to the start of the audit. What you don’t want to do is not have the information on the PBC list available when the auditor comes out. Delays in completing this list can lead to audit cost overruns and increase the cost of your audit.

Once the audit begins, how can business owners and/or the accounting department help ensure everything goes smoothly?

The key is to be available to the auditors when they are on site, and to be responsive to auditors’ requests. The auditor will understand you have other things to do, but if you are not available, it could delay the audit’s completion. If the auditors do not get the information they need to complete their audit procedures, the report may be delayed.

In addition, after the auditors leave your facility, they usually have follow-up questions, so you’ll want to continue to be responsive. Answer their emails, take their calls and let them know the best way to communicate with you.

An efficient audit will minimize additional audit fees. If your company’s records are a mess and require many audit adjustments, the audit will require more hours and, therefore, you could be charged more. In addition, the audit firm also may be required to issue a letter which states that the company has significant deficiencies or material weakness in internal controls. No company wants a letter like that.

How does a business know whether or not it’s received a quality audit?

Here are some questions to consider. Was the audit team present during the audit? Did they spend sufficient time asking questions and having discussions with your team? Was the partner that signs the audit report present? Did he or she interact with the staff, CFO and CEO? Did the auditors give you recommendations to improve processes or internal controls? Giving recommendations are key, as there are always things you can do to improve processes or internal controls.

Insights Accounting is brought to you by Ciuni & Panichi, Inc.

Have you thought about outsourcing your accounting functions?

There’s been an explosion of outsourced accounting, says Matthew Long, CPA, principal and director of Client Advisory Services at Rea & Associates. The driver behind it all? Technology. Artificial intelligence, machine learning and automation do the heavy lifting with manual data entry and transactional work, so internal accounting is more about managing exceptions and outliers.

“Businesses of all sizes are outsourcing,” Long says. “It’s become a trend the past five years, even though large corporations do it on a different scale and in a different way than mom-and-pop shops.”

A large corporation might outsource its transaction-level work, so an accounting department or CFO can focus on analysis. A small or midsized business may outsource all accounting, where the transactional piece is all to get good data and controller/CFOlevel service from the outside provider.

Smart Business spoke with Long about the benefits of outsourced accounting functions.

Why would you outsource your accounting?
The most valuable reason to outsource is to automate your systems and transactions, which helps you get information quicker. The financial data isn’t historical, where it’s 30 days before you see results. You go from keeping score and doing accounting functions because you need to maintain a set of books for a tax return or because the bank requires it, to maintaining a set of books so that you can use it as a tool to analyze data. You can move rapidly as the business environment changes.

Other times, it’s a cost-cutting exercise. If a full-time person fills his or her day with tasks that aren’t accounting related to keep busy, it may not be worth having a fixed cost associated with it. The outsourced provider often uses a more deliberate and efficient process, so that firm is able to do the work quicker and/or cheaper. By outsourcing, you obviously get an accounting professional, but you also get a team. You don’t rely on one person, where you’re scrambling if that person gets sick or leaves. It helps from a planning standpoint, too. The labor market is competitive, and you don’t have to compete to find talented people.

What’s an example of improved efficiency?
With accounts payable, historically, a clerk opens the mail, reviews the invoice and signs off that it’s accurate. Then, someone else enters it into the accounting system. Thirty days go by, and an employee cuts a physical check, compares it to the invoice, signs it, stuffs an envelope and mails it.

Now, with technology, your vendor sends the bill directly to a dedicated accounts payable email address, and software in the background reads that invoice. It picks out the vendor name, address, due date, dollar amount, etc., to code and save it for the system. An employee reviews the information electronically and clicks a button — file and pay. When the invoice is due, the payment is sent electronically with the invoice attached to the ACH or wire transfer. Again, a set of eyes looks at it and says, “Yes, that’s accurate.”

How can companies determine if outsourcing make sense for them?
Some outsourced accounting practices have an all or nothing approach. Others take a tailored approach. You’ll need to consider what components you want to continue to do in house because it’s easier, less back and forth, cheaper, etc. Questions to ask are: How are you doing your accounting? How often are the decision-makers — controller, CFO, business owner or COO — looking at the financials? How soon are those financials presented? Could time be better spent? Or, are there things that you’d like, from a financial reporting aspect, that you’re not getting?

Custom dashboards can go beyond the raw numbers. You can analyze customers, sale trends or inventory. It comes down to what are you trying to accomplish, but it doesn’t happen overnight. It takes time to evaluate the current system and processes and put together the best technology stack or solution. Then, the outsourced firm can help implement and integrate the team into it. It can be intimidating, but you don’t have to go from where you’re at now, to the best. It can be gradual because change is never easy.

Ultimately, you want to put systems in place and revamp your processes, in order to scale, grow and focus on profitability, cash flows or whatever is most important to you.

Insights Accounting is brought to you by Rea & Associates

Nonprofits need their community’s trust more than ever

It is estimated that there are 1.5 million registered nonprofits in the U.S., each of which, in their own way, strive to make the world a better place. But in order to do that, they must first win the trust of the communities they serve.

“There’s a misconception that nonprofits get the majority of their funding from contributions,” says Melessa L. Behymer, CPA, a director at Brady Ware & Company. “On average, approximately 73 percent of their funding comes from fees for services from private and government sources, 9 percent from government grants and around 13 percent from contributions. All of these funding sources, in one way or another, require the organization to have community trust.”

Nonprofits, she says, are held to the highest threshold of accountability and are expected to be open and transparent in all areas. However, it can be a struggle to meet all the demands this expectation brings because the amount of data that nonprofits must maintain can be daunting.

“In an era of growing needs and shrinking resources, many nonprofits are starved for the kind of support that can strengthen their operations,” Behymer says. “Contribution income is the bridge, but organizations must show donors that they are trustworthy and good stewards of their contribution dollars because once public confidence is lost, it can be detrimental to nonprofits’ survival.”

Smart Business spoke with Behymer about some of the ways nonprofits can earn the trust of their stakeholders.

Why is trust between a community and its nonprofits an issue today?

Trust is the backbone in the relationship between a nonprofit and the community. The number of nonprofits grows every year, which means more competition for essentially the same dollars.

Additionally, social media has made it easier for nonprofits to reach people, increasing competition among organizations for the attention of donors. And the proliferation of the internet, along with more internet-savvy people, means that its easier than ever to research organizations to learn how they put those contributions to work.

Nonprofits that have questionable practices are far more likely to find their reputation in question, which can have a negative impact on contributions.

How can nonprofits gain the trust of the community through their board of directors?

Nonprofits must provide program outcomes that are impactful, that meet stakeholder expectations and do that in a manner that is both fiscally efficient and transparent. Much of this starts at the top. Nonprofits must have a strong board of directors who can be ambassadors capable of engaging the community. To do that, the board must understand the organization’s mission, the environment it operates in and be committed to organizational accountability.

This will look different from one nonprofit to the next. A small nonprofit with a small staff will need the board to be the expertise it can’t hire. They will need professionals such as CPAs, attorneys, and human resource experts to help the organization be in line with laws and regulations as well as help create the policies and procedures needed to be transparent. Larger nonprofits boards also require professionals, but their focus would be more strategic in nature.

How can nonprofits prove they’re transparent?

Nonprofits must have a strong set of policies and procedures in place in all areas of the organization so the community knows that programs are being monitored, run efficiently, and meet stakeholder needs.

Trust in financial accountability is critical. The organization must have systems in place to account for the money that comes in and report results. Large nonprofits can hire staff to ensure this happens. Smaller nonprofits struggle in this area. This is why most nonprofits will have a relationship with an outside accounting professional. Annual, independent financial statement audits are a powerful tool for the organization to show the community they are trustworthy.

Communities have a high level of expectation for their nonprofits. And while most funding comes from fees for services, it often doesn’t cover the cost of providing the services, which is why contribution income is critical and why transparent and accurate reporting is crucial to a nonprofit’s success.

Insights Accounting is brought to you by Brady Ware & Company

4 reasons why your technology isn’t working — and what to do about it

Business executives understand technology is critical for daily operations like communication and processing orders, which is why IT spending keeps growing. But many of those same executives don’t realize a meaningful return on their technology investment.

“They’re dissatisfied with the results of their implementation,” says Glenn Plunkett, director of application development at Clark Schaefer Hackett. “With bottlenecks and processing headaches, what they end up with only meets their desires halfway.”

Plus, recurring costs for support staff, license renewals, etc., make tech investments feel more like a cost than added value.

“The technology isn’t optimized,” adds Mat Jackson, director of sales at Clark Schaefer Hackett. “It isn’t a competitive advantage that produces meaningful data or adds efficiency.”

Smart Business spoke with Plunkett and Jackson about the potential barriers to reaping rewards from your technology tools.

Why is outdated technology a challenge?

Technology has a limited lifetime, so think of your systems as a constantly evolving asset. Over time, performance can degrade, business processes can change and newer/better tech may be available. Plus, most vendors sunset support for aging systems.

If your business still uses legacy technology systems, more modern hardware and software will likely provide many benefits. Remember, the ROI on tech investments decreases over time, so you should continuously evaluate and modernize your technology stack.

How can untrained users derail technology implementation and use?

Don’t assume your staff automatically knows how to use your systems. That’s why training resources is a worthwhile investment.

When new software or workflows are first deployed, end user training and communication are usually part of the process. However, users often only absorb the minimum knowledge necessary to accomplish their job. New staff also may not receive the same level of training as when the system was first delivered. Training and retraining remind users of your policies and procedures and help leverage your investment in the system. Therefore, be deliberate about allocating resources.

What happens when technology doesn’t adapt to work processes?

As business needs change and teams grow, workflows change. Technology tools need to support new ways of doing business, and systems need to change accordingly. In addition, off-the-shelf software may require you to alter your way of doing things to accommodate the way these tools work. 

Custom software can help mitigate this, bridging gaps between systems or implementing custom workflows from the ground up. Often, the cost can be recouped quickly with productivity savings.

What if work-arounds already meet your needs?

If you are using multiple tools to accomplish one task or using people to perform tasks that the computer should be doing, technology isn’t serving your business. Work-arounds are often the result of out-of-date tech, untrained users and tools that aren’t adapted to current work processes. 

It’s common for business users to turn to spreadsheets to get their work done because the business systems at their disposal cannot do what they need. Reporting, data manipulation and workflow automation are all good examples of areas where businesses use a tech tool with a manual component. However, these are also examples of things that can be automated.

For example, month-end closing might take weeks if your organization has a complex structure. It requires manual efforts to assemble the data, check the accounts and ensure proper allocation, in order to produce the reports that are reconciled against the ledger and ultimately used to generate the P&L statement. Fully leveraged technology can cut that time dramatically; what took weeks with manual work can turn into a handful of days.

While throwing more people at a problem is sometimes the best solution, first ask yourself whether technology can be employed in a better way. Rather than accepting manual work for repetitive tasks, put technology to work and free up people to be productive and creative.

Insights Accounting is brought to you by Clark Schaefer Hackett

Dissecting what the SECURE Act means for retirement plans

The SECURE Act, which stands for “setting every community up for retirement enhancement,” became effective Jan. 1, 2020. Jeffrey Spencer, principal at Ciuni & Panichi, says the law is likely the biggest change to retirement plans since the Pension Protection Act of 2006.

“The SECURE Act encompasses a host of provisions that increase the ability for people to save for retirement — either on their own through IRAs or retirement plans that their employers sponsor,” Spencer says. “Because the problem of retirement will only worsen as baby boomers retire, the ability to count on Social Security lessens, and millennials follow the trend of not saving enough.”

Smart Business spoke with Spencer about how the SECURE Act could affect both individuals and employers.

How does the SECURE Act impact the stretch IRA?

A stretch IRA was an estate planning strategy to shelter inherited IRA assets and income. You might pass your IRA down to your children, who could utilize it over the rest of their lives, without being taxed upfront. Based on their life expectancy, non-spouse beneficiaries would take a small required percentage annually, as the remaining funds continued to grow tax deferred. The SECURE Act effectively ended the stretch IRA. Now, a non-spouse beneficiary must liquidate the entire IRA within 10 years of the death of the original account owner. This generates revenue because withdrawals can be taxed sooner.

With the new 10-year limit on inherited IRAs, what are the planning challenges?

This mainly impacts the non-spouse beneficiaries of people with large amounts in their retirement accounts, such as C-level executives. An inherited IRA of $10,000 is less of an issue than $100,000-plus, which can impact your income tax bracket on a federal and/or state level. (Roth IRAs are excluded from taxable income but are required to follow the new 10-year rule.)

Higher income can affect Social Security taxation; Medicare Part B & D premiums; Income-Related Monthly Adjustment Amounts (IRMAA); interest taxation; qualifying for tax deductions or credits; and capital gains or dividend taxation. Another consideration is the Free Application for Federal Student Aid (FAFSA) and/or College Scholarship Service (CSS) Profile. If beneficiaries take too much one year, they may earn, in the government’s eyes, too much for financial aid. Also, some student loan payment rates are based upon income.

What can minimize these potential impacts?

Beneficiaries should work with an accountant and financial adviser. They don’t need to take funds every year and it doesn’t need to be the same amount each time — as long as the account is empty by year 10. That’s why it’s critical to create a withdrawal strategy, which looks at tax deductions and credits and utilizes planning and educated assumptions to minimize the impact. Also, beneficiaries who are 70.5 and older can give the inherited IRA money directly to a charity with no tax consequences.

Where do age limits differ under the act?

Previously, you couldn’t fund a traditional IRA, starting the calendar year you turned 70.5. With the SECURE Act, there are no age limits. This helps people who A) want a tax deduction, B) don’t have an employer plan, or C) are looking to fund a Roth IRA but were excluded due to income and/or tax filing thresholds.

In addition, seniors had to start taking minimum distributions at age 70.5. The SECURE Act pushes that to 72, starting with those who turn 70.5 in 2020.

How does this law impact businesses?

Under the law, more part-time employees can defer income. If you work at least 500 hours three consecutive years, your employer cannot preclude you from contributing to a 401(k).

The SECURE Act also enables small or midsize employers to join open multiple employer plans (MEPs) more easily. This is where unrelated employers sponsor retirement plans through a third party. The new rule separates out bad apples that aren’t administrating the plan properly — so it doesn’t taint the whole plan for all members.

The takeaway for executives is, make sure you take advantage of these new rules. If your company has a pre-existing retirement plan, you’ll still have to amend your plan and comply with the new rules as they come online over the next few years.

Insights Accounting is brought to you by Ciuni & Panichi, Inc.